An analyst needs a practical option for repeatable threat response steps across diverse teams and technologies. Which approach addresses this requirement for consistent tasks and automated coordination?
Using a documented set of defined steps with built-in triggers
Searching logs to discover patterns for each event
Scheduling regular manual reviews of alerts
Keeping all remediation instructions in a policy library
This option formalizes the tasks to follow for typical threats and describes exactly how to handle each step, which promotes consistent responses and integrates with automation platforms. Policy libraries and manual reviews do not enforce a uniform process. Logs alone do not orchestrate actions between different teams and systems, whereas a structured set of procedures ensures each phase is addressed in a prescribed manner.